<?php
session_start();
//包含头
include '../PHP/head.php';
?>
<?php
//包含bootstrap的顶端按钮
include '../PHP/menu.php';
?>
<br />
<br />
<form class="form-inline" action = "../PHP/ch_pass_wd.php" method = "post">
<div class="form-group">
<label for="old_pass_wd">旧密码：</label>
<input class="form-control" placeholder="请输入密码" type = "password" name = "old_pass_wd" />
</div>
<div class="form-group">
<label for="pass_wd">新密码：</label>
<input class="form-control" placeholder="请输入新密码" type = "password" name = "pass_wd" />
</div>
<div class="form-group">
<label for="pass_wd_re">再次输入新密码：</label>
<input class="form-control" placeholder="请再次输入新密码" type = "password" name = "pass_wd_re" />
</div>
<button type="submit" class="btn btn-default">修改</button>
</form>

<?php
//引用必要的函数
require_once ('../FNS/db_fns.php');

if(isset($_POST['pass_wd'])) {
    
//创建变量并清除前后空格
$old_pass_wd = trim ($_POST['old_pass_wd']);
$pass_wd = trim ($_POST['pass_wd']);
$pass_wd_re = trim ($_POST['pass_wd_re']);


//判断是否为空
if (!$pass_wd || !$old_pass_wd || !$pass_wd_re){
	
	echo "<p>所有输入不能为空，请重新输入！</p>";
	echo "</div>";
	echo "</body>";
	exit;
}


//判断两次密码输入一致
if ($pass_wd <> $pass_wd_re) {
	echo "<p>两次密码输入不一致，请重新输入！</p>";
	echo "</div>";
	echo "</body>";
	exit;
}


//数据过滤和处理
//加引号避免输入数据库出错

if (! get_magic_quotes_gpc()) {
$pass_wd=addslashes ($pass_wd);
}

//连接数据库并搜索数据
//判断旧密码是否正确
$db= db_connect();

$query="select * from users where id = '".$user_id."'";
$result=$db->query ($query);
$num_result=$result->num_rows;
$row=$result->fetch_assoc ();

if ($old_pass_wd <> $row['pass_wd']){
echo "<body>";
echo "<p>旧密码输入错误，请重新输入！</p>";
echo "</div>";
echo "</body>";
$result->free();
$db->close();
exit;
}

$result->free();

//更新密码记录
$query="update users set pass_wd = '".$pass_wd."' where id = '".$user_id."'";
$result=$db->query ($query);
if ($result){
echo "<p>密码修改成功！</p>";
}else{
echo"<p>出错啦，密码修改失败！</p>";
}


$db->close();
}

?>




</div>
</body>
</html>
